<?php
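	// Report every error class, but write the reports to the server log instead
	// of the response. This script handles passwords and database errors, and any
	// notice printed before header() would also stop the redirects from working.
	error_reporting(E_ALL | E_STRICT);
	ini_set('display_errors', '0');
	ini_set('log_errors', '1');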
	
	require 'lib/password.php';

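	// Read the four form fields. A field that is missing or not a string (for
	// example an array sent as pass[]=x) is treated as empty, so it fails the
	// checks below instead of raising notices or type errors.
	$stuno = (isset($_POST['stuno']) && is_string($_POST['stuno'])) ? $_POST['stuno'] : '';
	$idno = (isset($_POST['idno']) && is_string($_POST['idno'])) ? $_POST['idno'] : '';
	$pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';
	$con_pass = (isset($_POST['con_pass']) && is_string($_POST['con_pass'])) ? $_POST['con_pass'] : '';

	// One err_* marker is appended per failed rule; the markers are sent back to
	// register.php in the query string.
	$query_string = '?';
	$error_flag = false;

	// Student number: exactly 12 digits. The D modifier makes $ match only at the
	// very end of the value, so a trailing newline no longer slips through.
	if(!preg_match('/^\d{12}$/D', $stuno)) {
		$error_flag = true;
		// urlencode() stops the rejected value from adding or changing parameters
		// in the redirect URL.
		$query_string = $query_string . 'err_stuno=' . urlencode($stuno) . '&';
	}

	// ID number: 15 or 18 digits. This checks the shape only.
	// NOTE(review): the rejected ID number is echoed into the URL, where it ends
	// up in browser history and access logs; consider sending only a flag, as is
	// already done for err_pass.
	if(!preg_match('/^(\d{15}|\d{18})$/D', $idno)) {
		$error_flag = true;
		$query_string = $query_string . 'err_idno=' . urlencode($idno) . '&';
	}

	// Password: 6 to 16 of any character except newline.
	// NOTE(review): without the u modifier the length is counted in bytes, so
	// multi-byte characters count more than once; confirm that is intended.
	if(!preg_match('/^.{6,16}$/D', $pass)) {
		$error_flag = true;
		$query_string = $query_string . 'err_pass=0&';
	}

	// Strict comparison: with != two numeric-looking strings are compared as
	// numbers, so "000000" and "0000000" would count as a matching confirmation.
	if($pass !== $con_pass) {
		$error_flag = true;
		$query_string = $query_string . 'err_con_pass=0';
	}

	if($error_flag) {
		header("Location:http://localhost/register.php" . $query_string);
		// header() only queues the redirect. Stop here so rejected input never
		// reaches the hashing and database steps further down.
		exit;
	}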

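	// Look the student up by number, refuse accounts that are already active,
	// then store the password hash and mark the account active.
	//
	// NOTE(review): $idno is validated for shape earlier in this script but is
	// never compared with a stored value, so knowing a student number is enough
	// to set the password of a not-yet-activated account. Verify the ID number
	// against the student record before the update.

	require 'lib/mysql.php';

	// $mysqli and $mysqli_stmt are not created in this file; presumably
	// lib/mysql.php opens the connection and initialises the statement - confirm.

	// The only text shown to the client on failure. Driver error numbers and
	// messages go to the server log, not into the response.
	$generic_failure = 'Registration could not be completed. Please try again later.';

	// Log the failing stage together with the statement's error detail, then end
	// the request with a 500 status and the generic message.
	$abort = function ($stage) use ($mysqli_stmt, $generic_failure) {
		error_log('register: ' . $stage . ' failed: (' . mysqli_stmt_errno($mysqli_stmt) . ') ' . mysqli_stmt_error($mysqli_stmt));
		if(!headers_sent()) {
			header('HTTP/1.1 500 Internal Server Error');
		}
		die($generic_failure);
	};

	// Step 1: read the activation flag for this student number.
	$origin = "select active from student where sid=?";
	if(!mysqli_stmt_prepare($mysqli_stmt, $origin)) {
		$abort('prepare lookup');
	}

	if(!mysqli_stmt_bind_param($mysqli_stmt, 's', $stuno)) {
		$abort('bind lookup parameter');
	}

	if(!mysqli_stmt_execute($mysqli_stmt)) {
		$abort('execute lookup');
	}

	if(!mysqli_stmt_bind_result($mysqli_stmt, $b_active)) {
		$abort('bind lookup result');
	}

	// Buffer the result so the row count is available before fetching.
	if(!mysqli_stmt_store_result($mysqli_stmt)) {
		$abort('store lookup result');
	}

	// Anything other than exactly one row means the number does not identify a
	// student. This is not a database fault, so no 500 status is sent; the
	// client sees the same generic text as for any other failure.
	$matched_rows = mysqli_stmt_num_rows($mysqli_stmt);
	if(1 != $matched_rows) {
		error_log('register: student lookup matched ' . $matched_rows . ' row(s)');
		die($generic_failure);
	}

	if(!mysqli_stmt_fetch($mysqli_stmt)) {
		$abort('fetch lookup result');
	}

	// Step 2: an active account has already been registered; send the user back.
	// NOTE(review): this redirect still tells the caller that the student number
	// exists and is registered.
	if($b_active) {
		$query_string = $query_string . "already_reg=";
		header("Location:register.php" . $query_string);
		die();
	}

	mysqli_stmt_free_result($mysqli_stmt);

	// Step 3: hash only once the request is known to be eligible, so rejected
	// requests do not pay the bcrypt cost. A failed hash must never be stored.
	$new_pass = password_hash($pass, PASSWORD_BCRYPT);
	if(!is_string($new_pass)) {
		$abort('hash password');
	}

	// Step 4: store the hash and set the activation flag.
	// NOTE(review): the check above and this update are separate statements, so
	// two concurrent requests for one student number can both pass the check.
	// Adding a condition on the active column to this UPDATE would close that
	// gap - confirm how an inactive row is stored first.
	$origin = "update student set passwd=?, active=0b1 where sid=?";
	if(!mysqli_stmt_prepare($mysqli_stmt, $origin)) {
		$abort('prepare update');
	}

	if(!mysqli_stmt_bind_param($mysqli_stmt, 'ss', $new_pass, $stuno)) {
		$abort('bind update parameters');
	}

	if(!mysqli_stmt_execute($mysqli_stmt)) {
		$abort('execute update');
	}

	// Exactly one row must have changed; any other count is treated as a failure.
	$affected_rows = mysqli_stmt_affected_rows($mysqli_stmt);
	if(1 != $affected_rows) {
		$abort('update (affected rows: ' . $affected_rows . ')');
	}

	mysqli_stmt_close($mysqli_stmt);
	mysqli_close($mysqli);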

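	// Redirect to the success page by path only. The Host header is supplied by
	// the client and PHP_SELF can carry extra path info from the request URL, so
	// neither is used; SCRIPT_NAME is the path of this script alone.
	$uri = rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\');
	header("Location: $uri/reg_success.php");
	exit;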
?>
